CVE-2019-11370 (pcoweb_card_firmware)

Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html “System contact” field.
Source: NIST
CVE-2019-11370 (pcoweb_card_firmware)